A currently ongoing malware campaign is impersonating the United Parcel Service (UPS) in an attempt to trick users into executing the malicious UPS_Document.zip attachment.
Sample subject:United Parcel Service notification
Sample message:Good morning
Parcel notification, The parcel was sent your home adress. And it will arrive within 3 buisness days. More information and the parcel tracking number are attached in document below. Thank you
United Parcel Service of America (c)
153 James Street, Suite100, Long Beach CA, 90000
Upon execution the malware sample downloads scareware variant detected as Mal/FakeAV-LI. Users are advised to pay extra attention when interacting with suspicious emails.